From owner-freebsd-net@FreeBSD.ORG Mon Mar 6 16:20:27 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4A38D16A420 for ; Mon, 6 Mar 2006 16:20:27 +0000 (GMT) (envelope-from saundersconsult@hotmail.com) Received: from hotmail.com (bay115-f28.bay115.hotmail.com [65.54.250.38]) by mx1.FreeBSD.org (Postfix) with ESMTP id EE41D43D49 for ; Mon, 6 Mar 2006 16:20:26 +0000 (GMT) (envelope-from saundersconsult@hotmail.com) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Mon, 6 Mar 2006 08:20:26 -0800 Message-ID: Received: from 65.54.250.200 by by115fd.bay115.hotmail.msn.com with HTTP; Mon, 06 Mar 2006 16:20:22 GMT X-Originating-IP: [64.60.108.59] X-Originating-Email: [saundersconsult@hotmail.com] X-Sender: saundersconsult@hotmail.com In-Reply-To: <4356E47D.605@freemail.gr> From: "Shawn Saunders" To: dionch@freemail.gr Date: Mon, 06 Mar 2006 08:20:22 -0800 X-Priority: 1 Importance: High Mime-Version: 1.0 Content-Type: text/plain; format=flowed X-OriginalArrivalTime: 06 Mar 2006 16:20:26.0531 (UTC) FILETIME=[E0B18730:01C64139] Cc: freebsd-net@freebsd.org Subject: Re: Trying to make a Host into a gigabit hub for testing X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2006 16:20:27 -0000 >From: Chris Dionissopoulos >Reply-To: dionch@freemail.gr >To: Shawn Saunders >CC: freebsd-net@freebsd.org >Subject: Re: Trying to make a Host into a gigabit hub for testing >Date: Thu, 20 Oct 2005 03:27:41 +0300 >MIME-Version: 1.0 >Received: from mx2.freebsd.org ([216.136.204.119]) by mc7-f42.hotmail.com >with Microsoft SMTPSVC(6.0.3790.211); Wed, 19 Oct 2005 17:29:08 -0700 >Received: from hub.freebsd.org (hub.freebsd.org [216.136.204.18])by >mx2.freebsd.org (Postfix) with ESMTP id 656895B21A;Thu, 20 Oct 2005 >00:29:05 +0000 (GMT)(envelope-from owner-freebsd-net@freebsd.org) >Received: from hub.freebsd.org (localhost [127.0.0.1])by hub.freebsd.org >(Postfix) with ESMTP id C0E6216A423;Thu, 20 Oct 2005 00:29:01 +0000 >(GMT)(envelope-from owner-freebsd-net@freebsd.org) >Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])by >hub.freebsd.org (Postfix) with ESMTP id DD73616A41Ffor >; Thu, 20 Oct 2005 00:28:47 +0000 >(GMT)(envelope-from dionch@freemail.gr) >Received: from smtp.freemail.gr (smtp.freemail.gr [213.239.180.35])by >mx1.FreeBSD.org (Postfix) with ESMTP id 5364843D5Afor >; Thu, 20 Oct 2005 00:28:47 +0000 >(GMT)(envelope-from dionch@freemail.gr) >Received: by smtp.freemail.gr (Postfix, from userid 101)id C34DCBC047; Thu, >20 Oct 2005 03:28:45 +0300 (EEST) >Received: from [10.0.0.1] (vdp1003.ath03.dsl.hol.gr >[62.38.168.4])bysmtp.freemail.gr (Postfix) with ESMTP id 18E14BC037;Thu, 20 >Oct 2005 03:28:44 +0300 (EEST) >X-Message-Info: JGTYoYF78jEHjJx36Oi8+Z3TmmkSEdPtfpLB7P/ybN8= >X-Original-To: freebsd-net@freebsd.org >Delivered-To: freebsd-net@freebsd.org >User-Agent: Mozilla Thunderbird 1.0.6 (Windows/20050716) >X-Accept-Language: en-us, en >References: >X-BeenThere: freebsd-net@freebsd.org >X-Mailman-Version: 2.1.5 >Precedence: list >List-Id: Networking and TCP/IP with FreeBSD >List-Unsubscribe: >, >List-Archive: >List-Post: >List-Help: >List-Subscribe: >, >Errors-To: owner-freebsd-net@freebsd.org >Return-Path: owner-freebsd-net@freebsd.org >X-OriginalArrivalTime: 20 Oct 2005 00:29:08.0388 (UTC) >FILETIME=[48E05640:01C5D50D] > >SS>I am setting up a test environment with multiple IDS's. ngctl looks >like a solution but it is not broadcasting all packets to all interfaces as >the documentation appears to state it should. I've probably made some >error in configuration. >SS> >SS>My goal is to put em0 into a spanned port in promiscuous mode and >broadcast all traffic from that port out the other network interfaces. I >plan on having em0 (gigabit) and 6 other gigabit interfaces. Each will >then echo the same traffic to six other machines (IDS's) for testing. >SS> >SS>The proof of concept with a gigabit (EM0) and 4 10/100 ethernets (sfx). >The 10/100's will be replaced for implementation. >SS> >SS>Any help would be appreciated. My config follows: > >Hi, >Why to use ng_fec and ng_one2many together? >how about something simplier, like: > > +----------+ -->-sf0:lower--->wire >wire>--em:lower->| one2many | -->-sf1:lower--->wire > | | -->-sf2:lower--->wire > +----------+ -->sf3:lower--->wire > >ngctl mkpeer em0: one2many lower one >ngctl name em0:lower o2m >ngctl connect sf0: o2m lower many0 >ngctl connect sf1: o2m lower many1 >ngctl connect sf2: o2m lower many2 >ngctl connect sf3: o2m lower many3 >ngctl msg o2m setconfig "{ xmitAlg=2 failAlg=1 enabledLinks=[1 1 1 1 1] }" > >ngctl msg sf0: setpromisc 1 >ngctl msg sf0: setautosrc 0 >ngctl msg sf1: setpromisc 1 >ngctl msg sf1: setautosrc 0 >ngctl msg sf2: setpromisc 1 >ngctl msg sf2: setautosrc 0 >ngctl msg sf3: setpromisc 1 >ngctl msg sf3: setautosrc 0 >ngctl msg em0: setpromisc 1 >ngctl msg em0: setautosrc 0 > >This keeps kernel-stack isolated from traffic, I think >(and all interfaces involved layer2 unreachable from outsiders). > >Just tell us if its working for you. > >Chris. > Chris, Your help was greatly appreciated. I posted the STATS on our tests and hope that was informative. It went very well. Now we have a slightly different scenario, and ng_hub sounds like the perfect solution: I need to have 2 different incoming ports data put together and out as a group to 4 other ports. I need to have 3 differnet incoming ports data put together and then redirected out 2 other ports. Basically will ng_hub allow me to have a setup whereby I can have data coming in via Port A, B, and C, and it goes out on only ports, D, E, F, and G? Not ports A, B, or C? Shawn